Start up problems xp

Status
Not open for further replies.
kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Hi Fiery,

FYI


Igorica said:
Hi!

I notice today while surfing the net that my laptop freezes a little, I don't know if that has something to do with the virus.

I tried to post the logs which I got after Hitmanpro scan but I couldn't post them.

Code: 
HitmanPro 3.7.1.186
www.hitmanpro.com

   Computer name . . . . : KORISNIK-325758
   Windows . . . . . . . : 5.1.3.2600.X86/2
   User name . . . . . . : KORISNIK-325758\korisnik
   License . . . . . . . : Free

   Scan date . . . . . . : 2013-02-01 21:56:23
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 6m 31s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 1
   Traces  . . . . . . . : 42

   Objects scanned . . . : 687.608
   Files scanned . . . . : 33.564
   Remnants scanned  . . : 248.379 files / 405.665 keys

Suspicious files ____________________________________________________________

   E:\Documents and Settings\korisnik\My Documents\util\TEMSSetup-x32.exe
      Size . . . . . . . : 1.531.971 bytes
      Age  . . . . . . . : 1585.1 days (2008-09-30 18:43:19)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 0BFA43932BFBBA47E6B9D2EA18DA92EFA2A3F6B88242F49F9155B8067567DE14
      Publisher  . . . . : Threat Expert Ltd.                                          
      Description  . . . : ThreatExpert Memory Scanner Setup                           
      Version  . . . . . : ThreatExpert
      Copyright  . . . . : Threat Expert Ltd.                                                                                  
      RSA Key Size . . . : 1024
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 31.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.


Malware remnants ____________________________________________________________

   HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE
ERROR
PAGE
BYPASS
ZONE
CHECK
FOR
HTTPS
KB954312\ (Trojan.FakeAV)

Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1\ (Babylon)
   HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr\ (Babylon)

Repairs _____________________________________________________________________

   hosts
   E:\WINDOWS\system32\drivers\etc\


Cookies _____________________________________________________________________

   E:\Documents and Settings\korisnik\Application Data\Mozilla\Firefox\Profiles\bcs0odkv.default\cookies.sqlite:ad.yieldmanager.com
   E:\Documents and Settings\korisnik\Cookies\59L0I4Z6.txt
   E:\Documents and Settings\korisnik\Cookies\BEZF3GAD.txt
   E:\Documents and Settings\korisnik\Cookies\C7H0ER9P.txt
   E:\Documents and Settings\korisnik\Cookies\JV5NTNEN.txt
   E:\Documents and Settings\korisnik\Cookies\KULATPQO.txt
   E:\Documents and Settings\korisnik\Cookies\ND1O2XKY.txt
   E:\Documents and Settings\korisnik\Cookies\NSGQCMPK.txt
   E:\Documents and Settings\korisnik\Cookies\OY47NYJW.txt
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.net.hr
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adbrite.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.24sata.hr
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.emg-network.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adtech.de
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:atdmt.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:choicemediainc.112.2o7.net
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:collective-media.net
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:dmtracker.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:h.atdmt.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:kontera.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:linksynergy.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:mm.chitika.net
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:revsci.net
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ru4.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:statcounter.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:stats.snacktools.net
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:track.adform.net
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:xiti.com
   E:\Documents and Settings\korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:zedo.com
Click to expand...
 
kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Hi Igorica,

Now your other logs seems good... :)

Download List Parts 32bit. Double click on the Listpart icon and click scan. A log will be generated, post it in your next reply.
 
I

Igorica

New Member
Thread author
Apr 8, 2012
36
kuttus said:
Hi Igorica,

Now your other logs seems good... :)

Download List Parts 32bit. Double click on the Listpart icon and click scan. A log will be generated, post it in your next reply.
Click to expand...

Glad to hear that! :)

Here is the log....
 

Attachments

  • Listsparts.txt
    1.6 KB · Views: 96
kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Okay... Which browser is Freezing up? Is it happening for both of them?
 
I

Igorica

New Member
Thread author
Apr 8, 2012
36
kuttus said:
Okay... Which browser is Freezing up? Is it happening for both of them?
Click to expand...
No, I have rarely used IE, I use Chrome and sometimes Mozilla Firefox, but now mostly Google Chrome, and yes, I notice that Chrome is freezing.
 
kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Are you using Google Chrome Version 24?


Please send me one new OTL Scan log also.....
 
kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Okay Thank you...

Now Open Google Chrome and Click on Settings --> Extensions --> Check if what are the Extensions you can see there... Disable all those Extensions and try to work on the Google Chrome... Check how it is working after disable them...
 
I

Igorica

New Member
Thread author
Apr 8, 2012
36
kuttus said:
Okay Thank you...

Now Open Google Chrome and Click on Settings --> Extensions --> Check if what are the Extensions you can see there... Disable all those Extensions and try to work on the Google Chrome... Check how it is working after disable them...
Click to expand...

I checked it and have no extensions.
 
kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Okay... Please back up your Google Chrome BookMarks and Remove the Version 24 completely from computer and install Version 22... Check after that if it is working or not.......
 
kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Okay Cool... Check it for 1 day and let me know if you are facing any more issues...

Igorica said:
kuttus said:
Igorica said:
I uninstalled Version 24 and installed 22 but now when I open "about google chrome" it says Version 24.0.1312.57 m
Google Chrome is up to date.
Click to expand...

Ooops... Do one thing.. Delete the Folders for Google Chrome from the computer..

c:\Program Files\Google

C:\Documents and Settings\Your User Name Local Settings\Application Data\Google

Then Install Google Chrome 22 and disconnect the Internet....

Goto Start Menu Run-->Type MSCONFIG

Got to the Tab Start Up.. There you can see Google and Google Chrome. Uncheck it... Got to the Tab Services.. Uncheck the Google Update Service and Restart the computer.. Now it will not install Version 24...
Click to expand...

I couldn't see Google and Google Chrome in Start up tab so I couldn't unchecked it, but it seems now that everything is ok. Version 22 is here and works good
Click to expand...
 
kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Double click on OTL to run it
  • Click on the Cleanup button at the top.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes
  • This will remove itself and other tools we may have used.



Now that your PC is clean, I recommend you to create a new System Restore point then purge the old ones after.

For XP
How to create a Restore Point in XP
Delete all restore points except the most recent one

For Vista
Create a restore point
Delete all but the most recent restore point

For Windows 7
Create a restore point
Delete all but the most recent restore point - Click the Delete all but the most recent restore point link



Keep your system updated
  • Keeping your programs (especially Adobe and Java products) updated is essential. Update Checker will notify you if any of your programs require an update.
  • Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office product bugs and vulnerabilities.
  • Please ensure you update your system regularly and have automatic updates on. You can learn how to turn Automatic Updates on here

I also recommend you to switch your antivirus program to a better one. Here are some suggestions:

In addition to your antivirus, you need additional protection such as a firewall and behavioural blocker.


Here are only a few suggestions that will improve your system security. Should you wish to allow us to make full recommendations and set your PC up with maximum security, please start a thread here. Our community of PC enthusiasts and experts will give you feedback and help you secure your system from future malware infections.

Internet Explorer may be the most popular browser but it's definitely not the most secure browser. Consider using other browsers with addition add-ons to safeguard your system while browsing the internet.

Firefox is a more secure, faster browser than Internet Explorer. Firefox contains less vulnerabilities, reducing the risk of drive-by downloads. In addition, you can add the following add-ons to increase security.
  • KeyScramber - Encrypts your keystrokes to protect you against keyloggers that steals personal & banking information
  • AdBlock - Disable/blocks advertisements on websites so you won't accidentally click on a malicious ad.
  • NoScript - Disables Flash & Java contents to avoid exploits or drive-by attacks
  • Web of Trust - Shows the website rating by other users and blocks dangerous and poor-rated sites

Google Chrome is another good browser that is faster and more secure than Internet Explorer by having a sandbox feature. Additionally, you can add the following add-on to Chrome to heighten security.

Lastly, it is important to perform system maintenance on a regular basis. Here are a few tools and on-demand scanners that you should keep & use every 1-2 weeks to keep your system healthy.

Other than that, stay safe out there! If you have any other questions or concerns, feel free to ask :)

<hr />
What's next?
  1. Bulild up your malware defenses by starting a new thread in Security Configuration Wizard forum.
  2. Learn how to avoid malware by reading this article <a href="http://malwaretips.com/blogs/how-to-easily-avoid-pc-infections/">How to easily avoid malware</a>
  3. Be an active member in the MalwareTips community! :)



My virus removal help is always free. Should you wish to show your appreciation via a donation, it will be much appreciated.
 
kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
This thread is now closed.​
Reason:&nbsp;<span style="color: #ff0000;">Issue Resolved</span>

<span style="color: #ff0000;"><>The procedures contained in this thread are for this user and this user only.&nbsp;&nbsp;Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair.&nbsp;&nbsp;</></span>

<span style="color: #ff0000;"><>DO NOT use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.</></span>

All members requesting Malware Removal Assistance are required to follow all procedures in the thread


My virus removal help is always free. Should you wish to show your appreciation via a donation, it will be much appreciated.
 
Last edited by a moderator:
Status
Not open for further replies.

Similar threads

tanner_doriano
  • Locked
No Reply PC Infected with Persistent Malware Downloading Files Hourly
Replies
7
Views
402
Windows Malware Removal Help & Support
icotonev
icotonev
sheffieldyorky
    • Like
  • Locked
I thought that the end of the "alphabet" was "X Y Z" now I have found out otherwise please help
Replies
13
Views
641
Windows Malware Removal Help & Support
nasdaq
nasdaq
F
    • Like
  • Locked
Waiting for reply Problems with windows 11
Replies
1
Views
835
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top